prototyping a lightweight trust architecture to fight
play

Prototyping a Lightweight Trust Architecture to Fight Phishing - PowerPoint PPT Presentation

Dec 24, 2022 •167 likes •421 views

Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation Thanks to my collaborators Ben

  1. Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  2. Thanks to my collaborators … Ben Adida Susan Hohenberger Ron Rivest Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  3. Outline The phishing problem Existing solutions SIBR and LTA The prototype DNS, key server, e-mail client Message processing, cryptographic primitives Future work Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  4. A Phishy E-mail From: Support PayPal <do-not-reply@paypal.com> Reply-To: do-not-reply@paypal.com To: ddcc@mit.edu To securely confirm you PayPal details please Subject: Please Restore Your Account Access Date: Sun, 3 Apr 2005 15:57:28 -0400 follow the link below : https://www.paypal.com/cgi-bin/webscr?request=Reactivate Dear PayPal Member, Thank you for prompt attention to this matter and thank you for using PayPal ! Recently there have been a large number of identity theft attempts targeting PayPal PayPal - Fraud Center customers. In order to safeguard your account, 1-800-PayPal. we require that you confirm your PayPal details fraud_prevention@PayPal.com (Credit Card information and login/password for PayPal login , if you have). Do not reply to this e-mail as it is an unmonitored alias This process is mandatory , and if not completed Within the nearest time your account may be subject to temporary suspension. Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  5. The problem: E-mail messages aren’t authenticated Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  6. Existing solutions SPF/SenderID $ dig -t txt mit.edu ;; ANSWER SECTION: mit.edu. 60 IN TXT "v=spf1 ip4:18.7.7.0/24 ip4:18.7.21.0/24 ip4:18.72.0.0/16 ~all" Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  7. Existing solutions DomainKeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received: Date:From:Subject:To:Cc:MIME-Version:Content- Type:Content-Transfer-Encoding; b=kt0N/9igWyJYRe8v5XDaQZuvvdJRHh9pXHPVHbZ1XzKaA7M 6lD7LgrmpFAukvGgWJ3P2LRGNTpYT37mMYPdWx3fJd4qWFXpP ZQtIRa+WVGD5RhjI6YdPwnPoSg6CY9GieFL8EmuyQW0ElLg2f pX4YgcyZU+pkub+ZSUhv7BiJ40= ; Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  8. Existing solutions PGP X.509 … and more ... Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  9. SIBR: S eparable … i dentity-based … r ing signatures Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  10. Identity-based: Your name (or e-mail address) is your public key Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  11. Separable Different users can use different parameters Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  12. Ring signatures One of us signed it, but you can’t prove it was me Repudiable signatures! Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  13. LTA Lightweight Trust Architecture Master public key on DNS server Secret keys e-mailed to users Sign with sender’s secret key and recipient’s public key Just secure enough for e-mail Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  14. The components Things we had to build Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  15. The DNS server Master public key in DNS Generated by administrator of a domain Stored as TXT record in _lta subdomain Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  16. The key server master secret key { } user’s e-mail address user’s secret key expiration date (identity-based public key) Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  17. The key server Web-based interface Secret key sent to user’s e-mail account Selectable expiration date critical for repudiability Prototype implemented in Python Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  18. E-mail client integration Easy to sign and verify messages Key management Prototype with Rmail (Emacs mail client) Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  19. Message processing Message canonicalization Signature covers message body and key headers Signature inserted as header For the future: more sophisticated handling, MIME Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  20. Cryptography Many ways to implement identity-based signature schemes Bohen-Franklin keys Bilinear maps Unfortunately, patented Guillou-Quisquater signatures Based on RSA Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  21. Cryptography We implemented both Signing and verification reasonably fast Keys are short enough to fit inside 512-byte DNS reply Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  22. What we accomplished Demonstrated complete prototype of an LTA system: DNS server that servers master public keys Web-based key server that sends secret keys to users on demand E-mail client that can sign and verify messages Performs DNS key lookups on the fly Imports and uses secret keys from the key server Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  23. Where to go from here … Deployment issues LTA is easier than traditional public-key infrastructure More complex usage scenarios For example: repudiable messages to mailing lists Implementation improvements Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

  24. Thank you! Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation

Recommend

PROTOTYPING FOR IOT @ERICASTANLEY #OPENIOT #PROTOTYPING PROTOTYPING FOR NOT ABOUT ME

PROTOTYPING FOR IOT @ERICASTANLEY #OPENIOT #PROTOTYPING PROTOTYPING FOR NOT ABOUT ME

DUKE UNIVERSITY CS 408, FALL 2016 PROTOTYPING FOR IOT @ERICASTANLEY #OPENIOT #PROTOTYPING PROTOTYPING FOR NOT ABOUT ME Engineer, entrepreneur, advocate Women Who Code Heavy Research Background Telepresence Sensor

1.42k views • 69 slides
Prototyping 11-04-2012 Design &amp; Prototyping benefits (and disadvantages) of

Prototyping 11-04-2012 Design &amp; Prototyping benefits (and disadvantages) of

Prototyping 11-04-2012 Design &amp; Prototyping benefits (and disadvantages) of prototyping low fidelity vs. high fidelity prototyping horizontal vs. vertical prototyping Transform user requirements/needs into a conceptual

235 views • 21 slides
Facilitating the Mini-Quality Attributes Workshop A Lightweight, Architecture-Focused Method

Facilitating the Mini-Quality Attributes Workshop A Lightweight, Architecture-Focused Method

Facilitating the Mini-Quality Attributes Workshop A Lightweight, Architecture-Focused Method Will Chaparro Michael Keeling IBM IBM @wmchaparro @michaelkeeling 2 What happened? We didnt pay enough attention to the right architecture

688 views • 50 slides
We put stunning user experiences on the road. 2 Agenda Prototyping

We put stunning user experiences on the road. 2 Agenda Prototyping

Rapid UI Prototyping Using Qt Quick By Jrgen Bocklage-Ryannel We put stunning user experiences on the road. 2 Agenda Prototyping Prototyping with QML Prototyping with QML Demo Prototyping Prototyping

707 views • 22 slides
Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1. About Think Lightweight 2. What are Lightweight Structures? 3. Industry Applications 4. Product Line Review 5. Think Lightweight Component

832 views • 43 slides
Lightweight and Flexible Trust Assessment Modules for the Internet of Things Jan Tobias Mhlberg

Lightweight and Flexible Trust Assessment Modules for the Internet of Things Jan Tobias Mhlberg

empty Lightweight and Flexible Trust Assessment Modules for the Internet of Things Jan Tobias Mhlberg , Job Noorman and Frank Piessens jantobias.muehlberg@cs.kuleuven.be iMinds-DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Belgium

636 views • 50 slides
Network Interface Architecture and Prototyping for Chip and Cluster Multiprocessors Supervisor

Network Interface Architecture and Prototyping for Chip and Cluster Multiprocessors Supervisor

University of Crete School of Sciences &amp; Engineering Computer Science Department Master Thesis by Michael Papamichael Network Interface Architecture and Prototyping for Chip and Cluster Multiprocessors Supervisor Prof. Manolis G.H.

1.12k views • 64 slides
Prototyping &amp; Building a System How Prototyping helps (especially when done with

Prototyping &amp; Building a System How Prototyping helps (especially when done with

Prototyping &amp; Building a System How Prototyping helps (especially when done with User-Centered Design) Prototyping http://dilbert.com/strip/2009-07-22 1 Designing Your System (I) Decide which users and tasks you will support. It might

708 views • 19 slides
Prototyping &amp; Building a System How Prototyping helps (especially when done with

Prototyping &amp; Building a System How Prototyping helps (especially when done with

Prototyping &amp; Building a System How Prototyping helps (especially when done with User-Centered Design) Prototyping http://dilbert.com/strip/2009-07-22 1 Designing Your System (I) Decide which users and tasks you will support. It might

408 views • 21 slides
Fast architecture prototyping on FPGAs: frameworks, tools, and challenges Philipp Wagner

Fast architecture prototyping on FPGAs: frameworks, tools, and challenges Philipp Wagner

Fast architecture prototyping on FPGAs: frameworks, tools, and challenges Philipp Wagner Technische Universitt Mnchen Lehrstuhl fr Integrierte Systeme 10.04.2017 Our Goal: Improving MPSoC Architectures Memory I/O Accelerator tiles

606 views • 21 slides
ONoC-SPL: Customized Network-on-Chip (NoC) Architecture and Prototyping for Data-intensive

ONoC-SPL: Customized Network-on-Chip (NoC) Architecture and Prototyping for Data-intensive

iCAST 2012 Seoul, Korea July 21-24 2012 ONoC-SPL: Customized Network-on-Chip (NoC) Architecture and Prototyping for Data-intensive Computation Applications Akram Ben Ahmed, Kenichi Mori, Abderazek Ben Abdallah The University of Aizu School of

710 views • 37 slides
ARENA FIGHT BEST FRENCH KICKBOXING &amp; MMA FIGHTS ARENA FIGHT / 2019 / COMPETITION /

ARENA FIGHT BEST FRENCH KICKBOXING &amp; MMA FIGHTS ARENA FIGHT / 2019 / COMPETITION /

ARENA FIGHT BEST FRENCH KICKBOXING &amp; MMA FIGHTS ARENA FIGHT / 2019 / COMPETITION / VISIBILITY / FIGHTERS / MEDIA RIGHTS ARENA FIGHT ARENA FIGHT is the new top fight sport competition series launched in France in 2019. Committed to

108 views • 10 slides
A New Era of Silicon Prototyping in Computer Architecture Research Christopher Torng Computer

A New Era of Silicon Prototyping in Computer Architecture Research Christopher Torng Computer

A New Era of Silicon Prototyping in Computer Architecture Research Christopher Torng Computer Systems Laboratory School of Electrical and Computer Engineering Cornell University Recent History of Prototypes at Cornell University Why

232 views • 21 slides
A New Era of Silicon Prototyping in Computer Architecture Research Christopher Torng Computer

A New Era of Silicon Prototyping in Computer Architecture Research Christopher Torng Computer

A New Era of Silicon Prototyping in Computer Architecture Research Christopher Torng Computer Systems Laboratory School of Electrical and Computer Engineering Cornell University Recent History of Prototypes at Cornell University 4 6 8 1 1

483 views • 27 slides
DMA Support for the Sancus Architecture Lightweight and Open-Source Trusted Computing for the IoT

DMA Support for the Sancus Architecture Lightweight and Open-Source Trusted Computing for the IoT

DMA Support for the Sancus Architecture Lightweight and Open-Source Trusted Computing for the IoT Sergio Seminara seminara@kth.se KTH - Kungliga Tekniska Hgskola Examiner: prof. Mads Dam Supervisor: prof. Roberto Guanciale Seminara (KTH)

545 views • 50 slides
1 L Nov-29-05 SMD157, High-Fidelity Prototyping Overview Prototyping revisited

1 L Nov-29-05 SMD157, High-Fidelity Prototyping Overview Prototyping revisited

INSTITUTIONEN FR SYSTEMTEKNIK LULE TEKNISKA UNIVERSITET High-Fidelity Prototyping and Flash SMD157 Human-Computer Interaction Fall 2005 1 L Nov-29-05 SMD157, High-Fidelity Prototyping Overview Prototyping revisited

689 views • 10 slides
Prototyping Paper Prototyping Digital Prototyping References Jrg Cassens SoSe 2019

Prototyping Paper Prototyping Digital Prototyping References Jrg Cassens SoSe 2019

Introduction Prototyping Paper Prototyping Digital Prototyping References Jrg Cassens SoSe 2019 Contextual Design of Interactive Systems SoSe 2019 Jrg Cassens Prototyping 1 / 50 Introduction Fidelity Completeness Paper

696 views • 52 slides
Prototyping. Research through design Gabriela Avram CS4009 Prototyping What is a

Prototyping. Research through design Gabriela Avram CS4009 Prototyping What is a

Prototyping. Research through design Gabriela Avram CS4009 Prototyping What is a prototype? Why prototype? Different kinds of prototyping - Low fidelity - High fidelity Compromises in prototyping - Vertical

465 views • 30 slides
Planar: Parallel Lightweight Architecture-Aware Adaptive Graph Repartitioning Angen Zheng ,

Planar: Parallel Lightweight Architecture-Aware Adaptive Graph Repartitioning Angen Zheng ,

Planar: Parallel Lightweight Architecture-Aware Adaptive Graph Repartitioning Angen Zheng , Alexandros Labrinidis, and Panos K. Chrysanthis University of Pittsburgh 1 Graph Partitioning Applications of Graph Partitioning Scientific

642 views • 46 slides
Prototyping center and its capabilities General information Prototyping center is a structural

Prototyping center and its capabilities General information Prototyping center is a structural

Prototyping center and its capabilities General information Prototyping center is a structural subdivision of the PI &quot;NURIS&quot;, aimed on the production of prototypes, parts and structures, including design work. Prototyping Center

333 views • 30 slides
The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will revolutionise the international high-rise construction industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight

417 views • 12 slides
Exercise 4: Fight Club Karl Gmeiner 2015 Exercise 4: Fight Club 1 Exercise 4: Fight Club The

Exercise 4: Fight Club Karl Gmeiner 2015 Exercise 4: Fight Club 1 Exercise 4: Fight Club The

Exercise 4: Fight Club Karl Gmeiner 2015 Exercise 4: Fight Club 1 Exercise 4: Fight Club The first rule of this exercise is, do not talk about this exercise. Implement a round and text-based fighter game. In this game, you can create fighters

196 views • 3 slides
The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept will revolutionise the aviation industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight applications Patent Applied For

479 views • 12 slides
LEARNING TO FIGHT EXODUS 17:8-16 New Experience: Israel must learn to fight EXODUS 17:8-16 At

LEARNING TO FIGHT EXODUS 17:8-16 New Experience: Israel must learn to fight EXODUS 17:8-16 At

LEARNING TO FIGHT EXODUS 17:8-16 New Experience: Israel must learn to fight EXODUS 17:8-16 At Rephidim, Amalek came and fought against Israel. Moses said to Joshua, Select some men for us and go fight against Amalek. Tomorrow I will stand

855 views • 49 slides

More recommend